Hello!
On Mon, Apr 28, 2008 at 11:29:08PM -0400, Calomel wrote:
>Building Nginx 0.6.29, we are also _unable_ to get limit_zone/limit_conn to
>work as expected.
>>As a test we setup the relative lines in the http and server sections. Nginx
>should only accept ONE concurrent connection for any single ip address.
>>http{
> limit_zone gulag $binary_remote_addr 1m;
> server{
> limit_conn gulag 1;
> }
>}
>>When I run "ab -c 50 -n 10000 http://testbox/" the server answers all
>requests with response code 200. As you mentioned, this is _not_ the
>expected behavior.
>>Perhaps we are missing something? The code could be at fault or perhaps
>something has been omitted from the Wiki and the documentation. If there is
>a proper solution I will make sure to document it.
It looks like there is some misunderstanding regarding to what
limit_conn actually limits. It limits concurrent connections
*processed* by nginx (not keep-alive ones), and only after header
has been received (and thus configuration for request has been
determined).
Since nginx is event-based, with one worker process you shouldn't
expect requests to hit limit_conn unless they block at some stage
(i.e. responses bigger than socket buffers if sendfile off,
replies bigger than sendfile_max_chunk if sendfile on, proxy_pass
...). With many workers limit_conn may be hit without blocking,
but this generally requires _very_ high concurrency for small
requests.
Maxim Dounin